<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: jquery_shoutbox_panel.php
| Author: bartek124
| E-Mail: bartek124@php-fusion.pl
| Web: http://bartek124.php-fusion.pl
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
// Refuse to run unless the including script has defined IN_FUSION, so the
// panel cannot be requested directly as a standalone page.
if (!defined("IN_FUSION")) {
	die("Access Denied");
}

// Load the panel's locale file for the configured locale, falling back to
// English when no matching file exists.
// NOTE(review): $settings['locale'] is concatenated into an include path.
// Presumably it only ever holds a locale name chosen by an administrator;
// confirm it cannot contain path separators.
if (!file_exists(INFUSIONS."jquery_shoutbox_panel/locale/".$settings['locale'].".php")) {
	include INFUSIONS."jquery_shoutbox_panel/locale/English.php";
} else {
	include INFUSIONS."jquery_shoutbox_panel/locale/".$settings['locale'].".php";
}
require_once INFUSIONS."jquery_shoutbox_panel/jquery_shoutbox_functions.php";

// Rebuild the current URL (script name plus query string, if any).
$link = FUSION_SELF;
if (FUSION_QUERY) {
	$link .= "?".FUSION_QUERY;
}
// Drop a previous s_action=edit|delete&shout_id=N pair so redirects and form
// actions do not repeat the action. The pattern uses '^' as its PCRE
// delimiter, so '^' is not an anchor here.
$link = preg_replace("^(&amp;|\?)s_action=(edit|delete)&amp;shout_id=\d*^", "", $link);
// Separator for appending another parameter to $link.
if (stristr($link, "?")) {
	$sep = "&amp;";
} else {
	$sep = "?";
}

// Delete a shout: ?s_action=delete&shout_id=N, members only.
// shout_id is interpolated into SQL only after isnum() accepted it
// (isnum() is defined elsewhere; presumably digits only, confirm).
// NOTE(review): this is a state-changing action on a plain GET request and no
// anti-CSRF token is checked in this block, so a link or image on another
// site could trigger a delete on behalf of a logged-in user. Consider a
// per-session token and a POST request.
if (iMEMBER && isset($_GET['s_action'], $_GET['shout_id']) && $_GET['s_action'] == "delete" && isnum($_GET['shout_id'])) {
	// Allowed for admins holding the "S" right, or for the member whose
	// user id is stored in the shout's shout_name column.
	if ((iADMIN && checkrights("S")) || dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'")) {
		if (iADMIN) {
			// Admins delete by id alone.
			$result = dbquery("DELETE FROM ".DB_SHOUTBOX." WHERE shout_id='".$_GET['shout_id']."'");
		} else {
			// Everyone else is additionally constrained to their own rows.
			$result = dbquery("DELETE FROM ".DB_SHOUTBOX." WHERE shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'");
		}
	}
	// Redirect to the cleaned URL whether or not anything was deleted.
	redirect($link);
}
// Open the panel frame titled "Shoutbox". openshoutbox() is not defined in
// this file; presumably it comes from jquery_shoutbox_functions.php or the
// theme.
openshoutbox("Shoutbox");
?>
	<script type="text/javascript" id="sourcecode">
			$(function()
			{
				$('.con_shoutbox_container').jScrollPane();
			});
		</script>
                <?php
// The inline script above attaches jScrollPane to .con_shoutbox_container
// once the DOM is ready. It assumes jQuery and the jScrollPane plugin are
// already loaded by the page.
// Open the scrollable container; it is closed further down, after the
// message list.
echo "<div class='con_shoutbox_container'>\n";
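// Posting, editing and client-side script setup. Runs for members, and for
// guests only while the 'guestposts' setting equals "1".
if (iMEMBER || $settings['guestposts'] == "1") {
	include_once INCLUDES."bbcode_include.php";
	if (isset($_POST['post_shout'])) {
		// NOTE(review): no anti-CSRF token is checked in this POST handler, so
		// a form on another site could post or edit a shout on behalf of a
		// logged-in member. Consider a per-session token.
		$flood = false;
		if (iMEMBER) {
			// Members are stored under their numeric user id; the posted
			// shout_name field is not used for them.
			$shout_name = $userdata['user_id'];
		} elseif ($settings['guestposts'] == "1") {
			// Accept only a string; a missing or array-valued field becomes an
			// empty name, which is rejected further down.
			$shout_name = (isset($_POST['shout_name']) && is_string($_POST['shout_name'])) ? $_POST['shout_name'] : "";
			$shout_name = trim(stripinput($shout_name));
			// Guest names share the shout_name column with member ids, and
			// the listing joins that column against user_id. Leading digits
			// are stripped and an all-numeric name is rejected so a guest
			// cannot post under a member's id.
			// NOTE(review): an allow-list for guest names, or a separate
			// column for guests, would be more robust than stripping digits.
			$shout_name = preg_replace("(^[0-9]*)", "", $shout_name);
			if (isnum($shout_name)) { $shout_name = ""; }
			include_once INCLUDES."securimage/securimage.php";
			$securimage = new Securimage();
			// NOTE(review): rejecting a bad captcha relies on redirect() ending
			// the request. It is defined elsewhere; confirm it exits, otherwise
			// execution would continue to the INSERT below.
			if (!isset($_POST['sb_captcha_code']) || $securimage->check($_POST['sb_captcha_code']) == false) { redirect($link); }
		}
		// Same string-only rule for the message; an empty message is never
		// written (see the checks before UPDATE and INSERT).
		$shout_message = (isset($_POST['shout_message']) && is_string($_POST['shout_message'])) ? $_POST['shout_message'] : "";
		$shout_message = str_replace("\n", " ", $shout_message);
		// Keep at most the first 255 characters as PCRE counts them (there is
		// no /u modifier). This runs before stripinput(), so anything that
		// helper adds is not counted; check against the column size.
		$shout_message = preg_replace("/^(.{255}).*$/", "$1", $shout_message);
		// The SQL below is built by concatenation. $shout_name and
		// $shout_message reach it only after stripinput(), which is defined
		// elsewhere (presumably it neutralises quotes; confirm), and
		// $_GET['shout_id'] only after isnum().
		$shout_message = trim(stripinput(censorwords($shout_message)));
		if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
			// Edit an existing shout: allowed for admins with the "S" right or
			// for the member whose id is stored in shout_name.
			$comment_updated = false;
			if ((iADMIN && checkrights("S")) || (iMEMBER && dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'"))) {
				if ($shout_message) {
					$result = dbquery("UPDATE ".DB_SHOUTBOX." SET shout_message='$shout_message' WHERE shout_id='".$_GET['shout_id']."'".(iADMIN ? "" : " AND shout_name='".$userdata['user_id']."'"));
				}
			}
			redirect($link);
		} elseif ($shout_name && $shout_message) {
			// New shout, subject to the per-IP flood check.
			require_once INCLUDES."flood_include.php";
			if (!flood_control("shout_datestamp", DB_SHOUTBOX, "shout_ip='".USER_IP."'")) {
				$result = dbquery("INSERT INTO ".DB_SHOUTBOX." (shout_name, shout_message, shout_datestamp, shout_ip) VALUES ('$shout_name', '$shout_message', '".time()."', '".USER_IP."')");
			}
		}
		redirect($link);
	}

	// Defaults for the form rendered further down: a plain "new shout" form.
	// They are set up front because the edit lookup below used to leave both
	// variables undefined when the shout existed but the current user was not
	// allowed to edit it.
	$shout_link = $link;
	$shout_message = "";
	if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
		$esresult = dbquery(
			"SELECT ts.*, tu.user_id, tu.user_name FROM ".DB_SHOUTBOX." ts
			LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id
			WHERE ts.shout_id='".$_GET['shout_id']."'"
		);
		if (dbrows($esresult)) {
			$esdata = dbarray($esresult);
			// Prefill the form only for admins with the "S" right or for the
			// shout's owner; anyone else keeps the empty defaults.
			if ((iADMIN && checkrights("S")) || (iMEMBER && $esdata['shout_name'] == $userdata['user_id'] && isset($esdata['user_name']))) {
				// The edit parameters were already validated by the enclosing
				// condition, so the URL suffix is always built here.
				$edit_url = $sep."s_action=edit&amp;shout_id=".$esdata['shout_id'];
				$shout_link = $link.$edit_url;
				// Stored text is placed in the textarea as-is; it went through
				// stripinput() when it was saved.
				$shout_message = $esdata['shout_message'];
			}
		}
	}

	// Hand configuration and locale strings to jquery_shoutbox.js.
	// NOTE(review): the values are interpolated into JavaScript string
	// literals without JS escaping. They come from settings and locale files,
	// so a quote or backslash in a translation would break the script.
	add_to_head("<script type='text/javascript' charset='".$locale['charset']."'>\n".
	"\tvar basedir = '".BASEDIR."';\n".
	"\tvar imember = ".(iMEMBER ? "true" : "false").";\n".
	"\tvar floodinterval = ".$settings['flood_interval'].";\n".
	"\tvar locale = new Array();\n".
	"\tlocale['global_076'] = '".$locale['global_076']."';\n".
	"\tlocale['global_157'] = '".$locale['global_157']."';\n".
	"\tlocale['jsp_002'] = '".$locale['jsp_002']."';\n".
	"\tlocale['jsp_003'] = '".$locale['jsp_003']."';\n".
	"\tlocale['jsp_004'] = '".$locale['jsp_004']."';\n".
	"</script>\n
	");
add_to_head("<script type='text/javascript' src='".INFUSIONS."jquery_shoutbox_panel/jquery_shoutbox.js' charset='".$locale['charset']."'></script>");
}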


// Total number of stored shouts. It is compared against the running row
// counter below and against the display limit after this block.
$numrows = dbcount("(shout_id)", DB_SHOUTBOX);
// Newest shouts first, joined to the users table so member posts carry a
// user_name. Guest posts have no matching user row and a null user_name.
// NOTE(review): $settings['numofshouts'] is appended to LIMIT as-is.
// Presumably it is an admin-controlled integer; an (int) cast would make that
// explicit.
$result = dbquery(
	"SELECT ts.*, tu.user_id, tu.user_name FROM ".DB_SHOUTBOX." ts
	LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id
	ORDER BY ts.shout_datestamp DESC LIMIT 0,".$settings['numofshouts']
);
echo "<div id='shout_messages' class='con_shoutbox_box'>";
if (!dbrows($result)) {
	// Nothing stored yet: show the locale's placeholder text.
	echo "<div>".$locale['global_156']."</div>\n";
} else {
	$i = 0;
	while ($data = dbarray($result)) {
		// NOTE(review): user_name, shout_name and shout_message are written
		// into the page without escaping at output time. The markup is safe
		// only if every write path encoded them first (this panel calls
		// stripinput() before INSERT and UPDATE). Confirm that holds for any
		// other writer of these columns, including user registration.
		echo "<div id='shout_".$data['shout_id']."'><div class='shoutboxname'>";
		if (!$data['user_name']) {
			// Guest post: default avatar followed by the stored guest name.
			echo "<img src='".THEME."images/con_shoutbox_defaultavatar.png' align='left'>", $data['shout_name']."\n";
		} else {
			// Member post: default avatar, profile link and timestamp.
			echo "<div class='con_shoutbox_avatar'><img src='".THEME."images/con_shoutbox_defaultavatar.png' align='left'></div>"
				."<div class='con_shoutbox_top_1' id='shoutbox_user_name'>"
				."<a href='".BASEDIR."profile.php?lookup=".$data['shout_name']."' class='con_shoutbox_top_link'>".$data['user_name']."</a> "
				.date("d.m.Y H:i", $data['shout_datestamp'])
				."</div>\n";
		}
		echo "</div>\n";
		// Message body: smileys, then the BBCode tags b, i, u, url and color,
		// then sbwrap() (defined elsewhere).
		echo "<div class='con_shoutbox_con'>".sbwrap(parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color"))."</div>\n";
		echo "<br />\n";
		$i += 1;
		// Extra spacer unless this row's counter equals the total row count.
		if ($i != $numrows) {
			echo "<br />\n";
		}
		echo "</div>";
	}
}
// Close #shout_messages.
echo "</div>";

// Link to the archive page when more shouts exist than the panel displays.
if ($settings['numofshouts'] < $numrows) {
	echo "<br /><div style='text-align:center'>\n"
		."<a href='".INFUSIONS."jquery_shoutbox_panel/jquery_shoutbox_archive.php' class='side'>".$locale['global_155']."</a>\n"
		."</div>\n";
}
// Close two enclosing <div> elements opened earlier in the panel markup.
echo "</div></div>\n";
// Footer: the post/edit form for members, a locale message for everyone else.
if (!iMEMBER) {
	echo "<br/><br/><div class='con_panel_con' style='margin: 0px 0px 0px 45px;'>".$locale['global_154']."</div><br />\n";
} else {
	// $shout_link and $shout_message are expected to have been set by the
	// posting/editing section earlier in this file.
	// NOTE(review): both are written into the markup without escaping here.
	// $shout_link is built from FUSION_SELF and FUSION_QUERY, and
	// $shout_message may be stored shout text. Confirm both are already
	// HTML-safe where they are produced.
	// The hidden shout_name field carries the member's user id; the POST
	// handler in this file takes the id from $userdata for members instead.
	echo "<div class='con_shoutbox_footer' valign='bottom'>\n",
		"<a id='edit_shout' name='edit_shout'></a>\n",
		"<form name='shout_form' method='post' action='".$shout_link."'>\n",
		"<input type='hidden' name='shout_name' value='".$userdata['user_id']."' />\n",
		"<input type='hidden' name='sb_captcha_code' value='' />\n",
		"<input type='hidden' name='edited_id' value='' />\n",
		"<div style='float: left;'><textarea name='shout_message' class='con_shoutbox_textarea'>".$shout_message."</textarea></div>\n",
		"<div style='float: right;margin-right: 23px;'><input type='submit' name='post_shout' value='Dodaj shouta' class='con_shoutbox_button' /></div> ",
		"</form>\n",
		"<div id='shout_preloader' style='display:none;text-align:center;'><img id='sshout_preloader' src='".INFUSIONS."jquery_shoutbox_panel/loading.gif' alt='' style='border:0;' /></div>\n";
}
echo "</div>\n";
// Close the panel frame opened by openshoutbox().
closeshoutbox();
?>